Does TPM/Secure Boot have any effect on OS or game performance?

Discussion in 'Operating Systems' started by BlindBison, Jul 9, 2021.

  1. BlindBison

    BlindBison Master Guru

    Messages:
    850
    Likes Received:
    180
    GPU:
    RTX 2080 Super
    Recently I went digging through my BIOS to enable those settings in preparation for the official Windows 11 launch later this year. If "DirectStorage" ends up being restricted to Win11 then seems to me I've gotta make the jump and at a glance some of the UI changes seem nice to me.

    One thing I'm wondering about though is the title -- namely do these security settings negatively impact performance in some way? In my BIOS they were both Disabled by default and I've heard here and there that certain software fixes for various security flaws have negatively impacted performance to some extent in the past so I wondered.

    If there is some potential negative effect then perhaps best to leave them OFF til Win11 actually rolls out, but if not then I'd rather just go ahead and leave them enabled for an easy upgrade later. Thanks!
     
  2. tsunami231

    tsunami231 Ancient Guru

    Messages:
    12,104
    Likes Received:
    922
    GPU:
    EVGA 1070Ti Black
    my understanding the hit to performance is on boot? but when i was messing with stuff i say no hit to boot performance, gaming i dont know as i just turned it all off no point even having it on even it supported if my cpu is not supported
     
    BlindBison likes this.
  3. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    2,099
    Likes Received:
    625
    GPU:
    .
    no, tpm and secure bot alone don't affect gaming performance. Bitlocker can (different performance impact on same drive depending on bitlocker method used).
     
    Last edited: Jul 10, 2021
    BlindBison likes this.
  4. BlindBison

    BlindBison Master Guru

    Messages:
    850
    Likes Received:
    180
    GPU:
    RTX 2080 Super
    Thanks!
     

  5. Undying

    Undying Ancient Guru

    Messages:
    16,433
    Likes Received:
    5,369
    GPU:
    Aorus RX580 XTR 8GB
    Disabling csm you have can use ultra fast/fast boot so if nothing it can even speed up boot time. Nothing to do with OS performance tho.
     
    BlindBison likes this.
  6. Trixster

    Trixster Active Member

    Messages:
    89
    Likes Received:
    24
    GPU:
    1070 G1 Gaming
    As others have said, no just enabling them won't hurt general use.

    What could have an impact is if they actually do force the virtualisation based security with Windows 11 or not, indications are they they will be doing so.
    (This is why TPM is potentially going to be required)

    Effectively the OS would run behind a HyperV VM, how much this on its own could hamper system performance I'm not sure but there would be some impact.

    Our work devices use VBS in Windows 10, now admittedly we have a crap ton of other monitoring software on them too but their performance isn't close to how a vanilla Windows 10 install behaves on the same hardware.

    Edit: Thinking about it, you could do this in Windows 10 by enabling Core Isolation -> Memory Integrity in Defender. Or enable App Guard or Windows Hypervisor Platform in the additional Windows Features which I believe enable VBS on your machine (if suitable) to test any impact.
     
    386SX and BlindBison like this.
  7. BlindBison

    BlindBison Master Guru

    Messages:
    850
    Likes Received:
    180
    GPU:
    RTX 2080 Super
    That's really interesting, in that case I definitely hope they don't put the OS behind a VM lol
     
  8. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    2,099
    Likes Received:
    625
    GPU:
    .
    conceptually an OS is a VM.adding a deeper hypervisor like they did first on XB1 would not make great sense on PC.
     
    BlindBison likes this.
  9. antonyfrn

    antonyfrn Maha Guru

    Messages:
    1,266
    Likes Received:
    7
    GPU:
    EVGA GTX 1070 FTW
    Never noticed any on my system and I've always had TPM enabled.
     
    BlindBison likes this.
  10. 386SX

    386SX Maha Guru

    Messages:
    1,168
    Likes Received:
    1,238
    GPU:
    AMD Vega64 RedDevil
    Alessio1989 and BlindBison like this.

  11. BlindBison

    BlindBison Master Guru

    Messages:
    850
    Likes Received:
    180
    GPU:
    RTX 2080 Super
  12. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    2,099
    Likes Received:
    625
    GPU:
    .
  13. sykozis

    sykozis Ancient Guru

    Messages:
    21,934
    Likes Received:
    1,124
    GPU:
    MSI RX5700
    That's more a problem for corporate IT departments than the common user. The message is pretty simple though. Don't trust a system that has been "configured" by someone outside of your corporate IT department, or that has been handled by someone outside of your corporate IT department.
     
  14. PrMinisterGR

    PrMinisterGR Ancient Guru

    Messages:
    7,868
    Likes Received:
    736
    GPU:
    Inno3D RTX 3090
    Dunno man, the more I read what you wrote, the more it feels like Microsoft's end game.
     
  15. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    2,099
    Likes Received:
    625
    GPU:
    .
    it' doesn't make sense, that on xbox was meant for separate core OS resource for foreground game, keeping console os responsive. and it worked. you cannot do this on a PC, too many variables and different shits. TPM isn't needed at all also for this. TPM outside preventing random bad guys accessing your data after stealing your laptop when you fool around outside home is completely useless, and it can be bypassed with the right tools since the master keys pass on clear in part of the circuit path at 33.33Mhz (biggest hole still not fixed since 1.x). The alternative is using FTPM on the CPU, which means you are ****** if you need to change the CPU without disabled it.
     

  16. sykozis

    sykozis Ancient Guru

    Messages:
    21,934
    Likes Received:
    1,124
    GPU:
    MSI RX5700
    A couple months ago, I swapped from Ryzen 5 1600AE to Ryzen 5 2600 without disabling TPM.....no issues at all.
    A couple days ago, I swapped from a Ryzen 5 2600 to a Ryzen 5 3600 without disabling TPM.....no issues at all.
    I'd expect that you'd run into issues if you're actually using the TPM for something like, say, Bitlocker or you have Core Isolation enabled....but simply having the TPM enabled when swapping processors doesn't seem to make any difference. At least with AMD's fTPM. I personally go for the bare minimum with fTPM.
     
    386SX likes this.
  17. 386SX

    386SX Maha Guru

    Messages:
    1,168
    Likes Received:
    1,238
    GPU:
    AMD Vega64 RedDevil
    If you dont depend on the TPM then it doesnt matter. As almost always I would guess ... :D
     
  18. sykozis

    sykozis Ancient Guru

    Messages:
    21,934
    Likes Received:
    1,124
    GPU:
    MSI RX5700
    I considered actually putting my TPM to use, until the article you linked to above came along.... After that, I was like "ehh....screw it...."
     
    386SX likes this.
  19. Shadowxaero

    Shadowxaero Master Guru

    Messages:
    217
    Likes Received:
    40
    GPU:
    Red Devil 6800 XT
  20. TimmyP

    TimmyP Master Guru

    Messages:
    730
    Likes Received:
    61
    GPU:
    RTX 3070
    According to The Verge *shrug* MS has laxed the requirements for most processors/systems now, just unofficially. I assume this news will make FP soon. I might rethink installing 11 on my main now, instead of waiting.
     

Share This Page